Lucene search

K
DebianDebian Linux

9127 matches found

CVE
CVE
added 2022/04/18 5:15 p.m.61 views

CVE-2020-28615

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of ...

10CVSS9.2AI score0.0032EPSS
CVE
CVE
added 2022/04/18 5:15 p.m.61 views

CVE-2020-28623

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of ...

10CVSS9.2AI score0.0032EPSS
CVE
CVE
added 2020/12/15 6:15 p.m.61 views

CVE-2020-29479

An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged guest...

8.8CVSS8.4AI score0.00046EPSS
CVE
CVE
added 2021/07/19 5:15 p.m.61 views

CVE-2020-36425

An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock.

5.3CVSS6.6AI score0.00299EPSS
CVE
CVE
added 2021/08/25 7:15 p.m.61 views

CVE-2021-21834

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when decoding the atom for the “co64” FOURCC can cause an integer overflow due to unchecked arithmetic resulting in ...

8.8CVSS8.6AI score0.00274EPSS
CVE
CVE
added 2021/08/18 1:15 p.m.61 views

CVE-2021-21838

Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that caus...

8.8CVSS8.8AI score0.00303EPSS
CVE
CVE
added 2021/08/18 1:15 p.m.61 views

CVE-2021-21846

Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input in “stsz” decoder can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer ...

8.8CVSS8.8AI score0.00303EPSS
CVE
CVE
added 2021/09/01 3:15 p.m.61 views

CVE-2021-36045

XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victi...

4.3CVSS3.5AI score0.00614EPSS
CVE
CVE
added 2021/09/01 3:15 p.m.61 views

CVE-2021-36055

XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

9.3CVSS7.6AI score0.00995EPSS
CVE
CVE
added 2021/12/22 7:15 p.m.61 views

CVE-2021-40393

An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file...

10CVSS9.4AI score0.00332EPSS
CVE
CVE
added 2021/11/09 1:15 p.m.61 views

CVE-2021-43114

FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate. This will lead to RTR clients such as BGP routers to lose access to the RPKI VRP data set, effectively disabling Route Origin Validation.

7.5CVSS7.7AI score0.00566EPSS
CVE
CVE
added 2021/11/09 5:15 p.m.61 views

CVE-2021-43174

NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories. This encoding can be used by an RRDP repository to cause an out-of-memory crash in these versions of Routinator. RRDP uses XML which allows arbitrary amounts of white...

7.5CVSS7.6AI score0.00715EPSS
CVE
CVE
added 2022/12/23 11:3 p.m.61 views

CVE-2022-43600

Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability a...

8.1CVSS9.1AI score0.0028EPSS
CVE
CVE
added 2023/03/01 3:15 p.m.61 views

CVE-2023-24754

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.

5.5CVSS5.4AI score0.00022EPSS
CVE
CVE
added 2024/02/14 10:15 p.m.61 views

CVE-2023-48733

An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot.

6.7CVSS6.7AI score0.00013EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.60 views

CVE-1999-0730

The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack.

10CVSS6.6AI score0.01021EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.60 views

CVE-1999-0732

The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files using symbolic links.

2.1CVSS6.8AI score0.00135EPSS
CVE
CVE
added 2000/01/18 5:0 a.m.60 views

CVE-1999-0743

Trn allows local users to overwrite other users' files via symlinks.

2.1CVSS6.7AI score0.00112EPSS
CVE
CVE
added 2000/10/13 4:0 a.m.60 views

CVE-2000-0289

IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.

5CVSS6.7AI score0.00826EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.60 views

CVE-2001-0886

Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character.

4.6CVSS7.7AI score0.00228EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.60 views

CVE-2005-0211

Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length parameter.

7.5CVSS7.6AI score0.41519EPSS
CVE
CVE
added 2005/09/30 10:5 a.m.60 views

CVE-2005-3106

Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just performed an exec.

4.7CVSS4.8AI score0.00078EPSS
CVE
CVE
added 2008/08/08 7:41 p.m.60 views

CVE-2008-3535

Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by testcases/kernel/fs/ftest/ftest03 from the L...

4.9CVSS4.9AI score0.00047EPSS
CVE
CVE
added 2009/03/31 6:24 p.m.60 views

CVE-2009-1073

nss-ldapd before 0.6.8 uses world-readable permissions for the /etc/nss-ldapd.conf file, which allows local users to obtain a cleartext password for the LDAP server by reading the bindpw field.

5.5CVSS5.2AI score0.00205EPSS
Web
CVE
CVE
added 2019/11/12 8:15 p.m.60 views

CVE-2010-3438

libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'privmsg' handler, which would cause the client to disconnect from the server.

9.8CVSS9.7AI score0.00527EPSS
CVE
CVE
added 2010/11/06 12:0 a.m.60 views

CVE-2010-4199

Google Chrome before 7.0.517.44 does not properly perform a cast of an unspecified variable during processing of an SVG use element, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SVG document.

8.8CVSS9.2AI score0.0081EPSS
CVE
CVE
added 2012/09/18 6:55 p.m.60 views

CVE-2012-1183

Stack-based buffer overflow in the milliwatt_generate function in the Miliwatt application in Asterisk 1.4.x before 1.4.44, 1.6.x before 1.6.2.23, 1.8.x before 1.8.10.1, and 10.x before 10.2.1, when the o option is used and the internal_timing option is off, allows remote attackers to cause a denia...

4.3CVSS6.8AI score0.00219EPSS
CVE
CVE
added 2013/07/10 10:55 a.m.60 views

CVE-2013-2868

common/extensions/sync_helper.cc in Google Chrome before 28.0.1500.71 proceeds with sync operations for NPAPI extensions without checking for a certain plugin permission setting, which might allow remote attackers to trigger unwanted extension changes via unspecified vectors.

5CVSS6.1AI score0.00384EPSS
CVE
CVE
added 2013/08/21 12:17 p.m.60 views

CVE-2013-2903

Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving moving a...

7.5CVSS7AI score0.00887EPSS
CVE
CVE
added 2013/05/25 3:18 a.m.60 views

CVE-2013-3558

The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

5CVSS6.3AI score0.03264EPSS
CVE
CVE
added 2019/11/21 2:15 p.m.60 views

CVE-2014-0083

The Ruby net-ldap gem before 0.11 uses a weak salt when generating SSHA passwords.

5.5CVSS5.4AI score0.00066EPSS
CVE
CVE
added 2014/10/20 5:55 p.m.60 views

CVE-2014-5026

Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a (1) Graph Tree Title in a delete or (2) edit action; (3) CDEF Name, (4) Data Input Method Name, or (5) Host Templates Name in a delet...

3.5CVSS7.2AI score0.00347EPSS
CVE
CVE
added 2019/11/19 4:15 p.m.60 views

CVE-2014-5439

Multiple Stack-based Buffer Overflow vulnerabilities exists in Sniffit prior to 0.3.7 via a crafted configuration file that will bypass Non-eXecutable bit NX, stack smashing protector SSP, and address space layout randomization ASLR protection mechanisms, which could let a malicious user execute ar...

9.3CVSS7.7AI score0.00422EPSS
Web
CVE
CVE
added 2014/12/01 3:59 p.m.60 views

CVE-2014-8866

The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of registers while in 64-bit mode.

4.7CVSS5AI score0.00093EPSS
CVE
CVE
added 2016/05/13 4:59 p.m.60 views

CVE-2014-9764

imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a crafted GIF file.

7.5CVSS7AI score0.01608EPSS
CVE
CVE
added 2018/01/08 7:29 p.m.60 views

CVE-2015-2318

The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue.

8.1CVSS8.1AI score0.0129EPSS
CVE
CVE
added 2015/05/08 2:59 p.m.60 views

CVE-2015-3011

Multiple cross-site scripting (XSS) vulnerabilities in the contacts application in ownCloud Server Community Edition before 5.0.19, 6.x before 6.0.7, and 7.x before 7.0.5 allow remote authenticated users to inject arbitrary web script or HTML via a crafted contact.

3.5CVSS5.2AI score0.00209EPSS
CVE
CVE
added 2016/05/13 4:59 p.m.60 views

CVE-2015-8312

Off-by-one error in afs_pioctl.c in OpenAFS before 1.6.16 might allow local users to cause a denial of service (memory overwrite and system crash) via a pioctl with an input buffer size of 4096 bytes.

7.8CVSS7.1AI score0.0004EPSS
CVE
CVE
added 2016/09/22 3:59 p.m.60 views

CVE-2016-6525

Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode array.

9.8CVSS8.9AI score0.05362EPSS
CVE
CVE
added 2016/09/26 3:59 p.m.60 views

CVE-2016-7142

The m_sasl module in InspIRCd before 2.0.23, when used with a service that supports SASL_EXTERNAL authentication, allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted SASL message.

5.9CVSS5.4AI score0.00138EPSS
CVE
CVE
added 2017/09/03 8:29 p.m.60 views

CVE-2017-14121

The DecodeNumber function in unrarlib.c in unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a NULL pointer dereference flaw triggered by a crafted RAR archive. NOTE: this may be the same as one of the several test cases in the CVE-2017-11189 references.

5.5CVSS5.8AI score0.00389EPSS
CVE
CVE
added 2017/10/18 2:29 a.m.60 views

CVE-2017-15571

In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/views/issues/_list.html.erb via crafted column data.

6.1CVSS6.8AI score0.00517EPSS
CVE
CVE
added 2017/10/28 9:29 p.m.60 views

CVE-2017-15953

bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow and crash when processing a malformed CUE (.cue) file.

5.5CVSS5.4AI score0.00266EPSS
CVE
CVE
added 2017/11/16 5:29 p.m.60 views

CVE-2017-16852

shibsp/metadata/DynamicMetadataProvider.cpp in the Dynamic MetadataProvider plugin in Shibboleth Service Provider before 2.6.1 fails to properly configure itself with the MetadataFilter plugins and does not perform critical security checks such as signature verification, enforcement of validity per...

8.1CVSS7.8AI score0.00315EPSS
CVE
CVE
added 2017/11/17 9:29 a.m.60 views

CVE-2017-16872

An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1. Parsing the numeric header fields in a SIP message (like cseq, ttl, port, etc.) all had the potential to overflow, either causing unintended values to be captured or, if the values were subsequently converted b...

9.8CVSS9.3AI score0.00865EPSS
CVE
CVE
added 2017/12/20 5:29 p.m.60 views

CVE-2017-17476

Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers to hijack web sessions and consequently gain privileges via a crafted email.

8.8CVSS8.4AI score0.00891EPSS
CVE
CVE
added 2017/05/08 2:29 p.m.60 views

CVE-2017-8844

The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive.

7.8CVSS8.1AI score0.00356EPSS
CVE
CVE
added 2018/05/24 1:29 p.m.60 views

CVE-2018-1000037

In Artifex MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF parser allow an attacker to cause a denial of service (assert crash) via a crafted file.

5.5CVSS5.3AI score0.00304EPSS
CVE
CVE
added 2018/06/29 2:29 p.m.60 views

CVE-2018-13006

An issue was discovered in MP4Box in GPAC 0.7.1. There is a heap-based buffer over-read in the isomedia/box_dump.c function hdlr_dump.

9.8CVSS9.3AI score0.00697EPSS
CVE
CVE
added 2018/07/17 3:29 p.m.60 views

CVE-2018-14347

GNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c).

6.5CVSS7.1AI score0.00443EPSS
Total number of security vulnerabilities9127